196 matches found
ROOT-OS-UBUNTU-2404-CVE-2026-53140 CVE-2026-53140 in rootio-linux - Patched by Root
Root has patched CVE-2026-53140 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-21820 CVE-2025-21820 in rootio-linux - Patched by Root
Root has patched CVE-2025-21820 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
GHSA-H72H-PPCX-998P Zebra has pre-handshake buffer capacity reservation based on attacker-claimed body length
Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node accepts inbound P2P connections network.listenaddr is set, which is the default. Summary The P2P codec's Codec::decode method calls src.reservebodylen + HEADERLEN after parsing a 24-byte protocol header,...
CVE-2026-10653
The Zephyr netbuf library lib/netbuf/buf.c manipulated both of its reference counts -- the per-header buf-ref and the per-data-block refcount at the start of each variable/heap data allocation -- with plain non-atomic C operators buf-ref++, if --buf-ref 0, if --refcount. The API is documented as...
CVE-2026-57316
Subscriber Sensitive Data Exposure in GetGenie = 4.4.2 versions...
Astra Linux – Vulnerability in ffmpeg
In FFmpeg 4.4, the adtsdecodeextradata function in libavformat/adtsenc.c does not check the return value of initgetbits. This is a necessary step, as the second argument of initgetbits can be manipulated...
CVE-2026-56024 WordPress WP EasyPay plugin <= 4.5.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Saad Iqbal WP EasyPay allows Cross Site Request Forgery. This issue affects WP EasyPay: from n/a through 4.5.0...
SUSE-SU-2026:2445-1 Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: - CVE-2023-6601: HLS Unsafe File Extension Bypass bsc1220545. - CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When...
EUVD-2026-36971
Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...
CVE-2026-40727
Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...
CVE-2026-40727 WordPress Groundhogg plugin <= 4.4 - Arbitrary File Deletion vulnerability
Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...
PT-2026-49241
Name of the Vulnerable Software and Affected Versions Zephyr versions prior to 4.4.1 Description The native TCP stack contains a use-after-free flaw when iterating the global connection list in the net tcp foreach function. The issue occurs because the function releases the tcp lock while invokin...
CVE-2026-11448
A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...
PT-2026-47169
A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...
PT-2026-47171
A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument dev name results in command injection. It is possible to initiate the attack...
CVE-2026-7379
Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
[SECURITY] Fedora 44 Update: perl-Cpanel-JSON-XS-4.41-1.fc44
This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C...
SUSE CVE-2026-7736
A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...
SUSE CVE-2026-7737
A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody of the file pkg/packet/bmp/bmp.go of the component BMP Parser. The manipulation leads to out-of-bounds read. The attack can be initiated...
CVE-2026-44068
Incomplete sanitization of extended attribute EA path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to files outside the intended metadata namespace via crafted EA names...